alphv attacks Innotec #100 | LED Lighting and Technology Manufacturer
Incident Date:
April 30, 2022
Overview
Title
alphv attacks Innotec #100 | LED Lighting and Technology Manufacturer
Victim
Innotec #100 | LED Lighting and Technology Manufacturer
Attacker
Alphv
Location
First Reported
April 30, 2022
Innotec #100 | LED Lighting and Technology Manufacturer Targeted by ALPHV Ransomware Group
Company Overview
Innotec, a leading LED lighting and counterweight manufacturer, has been targeted by the ALPHV ransomware group, as reported on the dark web leak site. The company, which operates in the manufacturing sector, has a website at http://www.innotecgroup.com/.
Innotec is known for its commitment to innovation and sustainability. The company has developed numerous patents and trade secrets over the last 30 years, focusing on industrial LED lighting, headrest stays, and metal forming, as well as counterweights. Innotec is dedicated to promoting sustainability by producing PCB-free LED lighting and recycled-material counterweights, minimizing its environmental impact and providing customers with more sustainable and cost-effective solutions.
Vulnerabilities and Targeting
The ALPHV ransomware group, also known as BlackCat, has been observed targeting various organizations worldwide since November 18, 2021. ALPHV is written in the Rust programming language and supports execution on Windows, Linux-based operating systems, and VMWare ESXi. The group can encrypt files using either the AES or ChaCha20 algorithms and can delete volume shadow copies, stop processes and services, and stop virtual machines on ESXi servers to maximize the amount of ransomed data.
Mitigation and Response
In the wake of this attack, it is crucial for Innotec and other organizations to implement robust cybersecurity measures to protect against ransomware attacks. This includes regular software updates, employee training, and the use of multi-factor authentication (MFA) to prevent unauthorized access. Additionally, organizations should consider implementing defense-in-depth strategies, such as automated moving target defense (AMTD), to deter and delay attackers.
Sources
- Ransomware Posts - GitHub Pages: https://github.com
- Groups profiles - RansomLook
- cybersecurity--q3-2023.pdf - Houlihan Lokey: https://www.hl.com
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.